Commit Graph

782 Commits

Author SHA1 Message Date
d0b713ddcd Dramatically improve RfC query
While the code gets more complex, the new query will first filter all relevant RfCs and only use the `with_last_activity` scope for the current page.

Using `distinct` in the policy is not required (no duplicated RfCs), but causes issues for the ordering otherwise. Therefore, it is removed.

Fixes CODEOCEAN-J2
2023-02-21 01:27:32 +01:00
d0717fb178 Reduce SQL queries for RfC index actions
By using includes and carefully selecting objects through references, all required objects are only queried once.
2023-02-20 23:47:06 +01:00
9c3392b324 Add consumer-based RfC Visibility settings
This setting will be useful to increase data protection, where users might not be allowed to see RfCs from other contexts.
2023-02-20 23:47:06 +01:00
40c7a50834 Directly use ActiveRecord object instead of ID
This change will improve the performance by reducing unnecessary SELECT queries.
2023-02-18 19:28:26 +01:00
6465404ebe Set sentry context after logging in 2023-02-18 19:27:46 +01:00
9c3ec3c7ff Refactor submission scoring and testing
* Properly cancel code execution if running is prohibited
* Correctly monitor duration with Sentry
* Align methods with running submissions
2023-02-17 18:13:48 +01:00
a1ec4579fe Properly cancel code execution if running is prohibited 2023-02-17 18:13:48 +01:00
326b5fce51 Allow assigning tips during exercise create
Fixes CODEOCEAN-H6
2023-02-16 11:23:52 +01:00
e9cf79085a Refactor listing files to be independent of exiting runners
Previously, we were always fetching files, even if not required (e.g., for score runs). Now, we reduce the number of file listings and use a dedicated callback.
2023-02-16 10:50:01 +01:00
91c2e14fe8 Fix error handling during Runner::Connection close
Closes CODEOCEAN-HQ
2023-02-16 10:47:28 +01:00
596a04b9da Handle ReadTimeouts for LTI consumer properly 2023-02-16 10:12:05 +01:00
04504973ba Adjust Sentry's user context 2023-02-03 00:16:52 +01:00
234a4fe02b Deny /implement without execution environment
Also, fix a smaller typo in the locales
2023-01-20 23:53:08 +01:00
2679f5fa56 Allow random selection for ProxyExercise 2023-01-20 21:02:20 +01:00
fcc6d69982 Fix percentage value display for remote score 2023-01-12 18:50:50 +01:00
87771b905a Fix rubocop offenses 2023-01-11 23:57:29 +01:00
6a942ccf50 Capture exception for Scoring
Previously, an exception was caused by the tubesock gem but not sent to Sentry. This caused errors not to bubble up correctly but rather kill the current thread, leaving the user with a generic "WebSocket connection not established" message.

Probably, this should be removed when updating the WebSocket implementation.
2022-12-23 13:04:34 +01:00
7cd61acbce I18n: Automatically choose locale through HTTP header 2022-12-20 10:26:32 +01:00
8a6e0a8366 Catch empty files_json during conversion 2022-12-19 16:11:35 +01:00
17356c3045 Allow redirect to main CodeOcean host
When a file cannot be retrieved any longer, we send a redirect to the previous locations. As we usually enable a different render host, Rails sees this redirect as a redirect to another host (from the render host to the main CodeOcean host).
2022-12-19 16:06:47 +01:00
bec235c8d6 Fix XML parsing with invalid LTI response
An invalid XML response may be returned if the LTI provider is unavailable and cannot handle our request. We decided against logging in Sentry as this affects a third party functionality we cannot fix ourselves.
Fixes CODEOCEAN-G2
2022-12-07 23:00:21 +01:00
bc5baed05e Use exec_query for custom SQL execution
Also align how we use query Postgres from controllers.

The change is mainly due to regular (but not reproducible) issues with the `intervalstyle` defaulting to `postgres` (instead of `iso8601`) and thereby causing issues. We're just experimenting to see whether this change resolves the issue.
2022-12-06 22:41:00 +01:00
9977e1614b Allow external redirect for render host and LTI
We only use the `launch_presentation_return_url` provided to the @provider, in order to prevent using an open redirect.
2022-12-05 22:38:13 +01:00
b7a3fd4586 Refactor exercise statistics to use convert times in Ruby 2022-12-05 21:59:34 +01:00
90b30e2bf7 Upgrade to Rails 7.0 and apply new framework defaults
* Remove `send_stream` method pulled in before upgrading Rails
* Remove spring, it is no longer included by default for new apps
* Remove deprecated options from environments
* Remove old asset paths and workarounds no longer needed
* Remove unnecessary `OAUTH_10_SUPPORT` const, LTI still uses OAuth 1.0
* Dump schema with new defaults (and specify precision for timestamps where needed)
2022-12-04 15:21:59 +01:00
574e99eddd Fix rubocop offenses - Requires Ruby 3.1+ 2022-11-25 11:10:06 +01:00
dfbf06274c Specify class for html_escape 2022-11-24 17:16:18 +01:00
ab688e09c0 Execute SQL statement in ping controller 2022-11-21 14:52:11 +01:00
25707478ea Require user for Community Solution
Fixes CODEOCEAN-F7
2022-11-21 10:48:08 +01:00
b6cecf53aa Pundit: Skip authorization in case of errors
Fixes CODEOCEAN-F3
2022-11-17 21:37:45 +01:00
b2af4e0663 Check submission and exercise files when filtering downloads 2022-11-17 20:47:33 +01:00
591f776f69 Close WebSocket connection normally
With Tubesock, we need to send a close frame ourselves. Otherwise, some browsers might display a warning.
2022-11-16 23:16:49 +01:00
0950e626ba Convert message data to string before slicing
Fixes CODEOCEAN-F1
2022-11-16 19:53:19 +01:00
55d7fb2f9a Download file: Return after rendering NotAuthorized Error
Fixes CODEOCEAN-ET
2022-11-14 18:21:35 +01:00
d50e6d30e9 List Files: Catch more Runner::Errors 2022-11-14 13:51:04 +01:00
60f8d9809b Catch error in LiveStreams Controller to avoid concurrency issue 2022-11-10 12:00:56 +01:00
de024d9360 Set Content-Type to fixed value for send_runner_file 2022-11-04 16:52:49 +01:00
4f0b8c3c42 Reduce usage of @current_user (use helper instead) 2022-11-02 12:27:38 +01:00
58548555a5 Shell: Add file system browser to retrieve arbitrary files 2022-10-29 18:49:18 +02:00
60078701f5 Editor: Allow file retrieval after code run 2022-10-29 18:49:18 +02:00
eefe3faa13 Re-apply default group when external user signs out 2022-10-27 17:06:04 +02:00
f45fad71dd Add early return support for authentication 2022-10-27 16:14:18 +02:00
dd1f4b0ac8 Merge pull request #939 from openHPI/refactor_proforma_import_export
Refactor Proforma Import/Export
2022-10-26 17:58:48 +02:00
c75f52f2c8 Fix Rubocop offenses 2022-10-24 12:28:50 +02:00
df384ebf0d Disallow protected upload paths for non-native files
Fixes CODEOCEAN-E0
2022-10-06 00:11:27 +02:00
61e3cfcac5 Handle deleted files in CodeOcean::FilesController
Fixes CODEOCEAN-E2
2022-10-06 00:10:52 +02:00
f7515362a1 Set Content-Type to fixed value for all download actions 2022-10-05 21:46:17 +02:00
42688ed1c9 Prefer authentication token for session if present 2022-10-05 21:34:19 +02:00
2d95a737f6 Assume failed code execution if no status was received 2022-10-04 16:08:10 +02:00
b8b7cd99bd SubmissionsController: Allow JS to be "rendered"
We skip verifying the authenticity token for the action, to prevent raising a `ActionController::InvalidCrossOriginRequest` exception.
2022-10-04 16:06:59 +02:00